General
Target: e394fad5222cb7aa3d076402b99b37f9_JaffaCakes118
Size: 430KB
Sample: 240406-3wefcafd25
MD5: e394fad5222cb7aa3d076402b99b37f9
SHA1: 3a26acae79ade36db50d5e6e1eb25011dbf64da4
SHA256: d13931f71eab276603a9481b49b920c18ef418d3272241ad622dc73ada992d0b
SHA512: 9cf5b848deae580e16a83d4a1b18e611d6a31ddad78661ce2a7bf17eac0ca2bcc8cec22e68a77de380fb865b82598902f9259f81f8e4e063e6f1ef6bde785aea
SSDEEP: 6144:bgzpxyN90QE6qq3vzCqYOqN5eZkuvUAT6uIAMDr/10Dy1Omi4zANfoRsQELvLf8C:Uy90Y5ZqjokuvUA+RO/
Static task: static1
Behavioral task: behavioral1
Sample: e394fad5222cb7aa3d076402b99b37f9_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e394fad5222cb7aa3d076402b99b37f9_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: e394fad5222cb7aa3d076402b99b37f9_JaffaCakes118
Score: 8/10
Adds policy Run key to start application
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL